Messages

1

Virtual private networks / Using Monit to restart openvpn server when ping fails

« on: April 07, 2021, 07:05:24 pm »

Hi,

On the latest and greatest version of OPNsense.  Have a vpn Server on OPNsense router  that a client connects to for a site to site vpn.  Anytime a router on either side reboots, or if there is a network blip, the tunnel dies, and I have to login to router and start the openvpn service.  I tried following this tutorial, but cannot get it to work.

https://forum.opnsense.org/index.php?topic=6979.0

I can create the monit service for pinging the gateway of the remote network, but am stuck at how to get monit to actually restart the openvpn server.  Can anyone give me some guidance?

 On command line I can see the service.  If I run ps aux | grep openvpn I get:
root    88677   0.0  0.4 1073220  8632  -  Ss   08:16      0:00.26 /usr/local/sbin/openvpn --config /var/etc/openvpn/server1.conf

2

Virtual private networks / Client Specific Overrides File not being created for site to site OpenVPN Tunnel

« on: February 07, 2021, 06:51:36 am »

Hi,

I have created a site to site openvpn tunnel.  It appears that the Client Specific Overrides file is not being created, so my routing is not working properly between the sites.  On the OPNsense box in my server1.conf file I see this line:

client-config-dir /var/etc/openvpn-csc/1

When I go to that directory it is empty.  In the gui  VPN: OpenVPN: Client Specific Overrides I have created an override with all the subnets and what not that should be needed for the VPN.  The common name for the override matches the common name of the client certificate I created for the VPN client under System: Trust: Certificates.

Is there a reason the file is not showing up in the /var/etc/openvpn-csc/1 directory?